PARALLEL NETWORK-BASED VULNERABILITY SCANNING
Granted: January 30, 2025
Application Number:
20250039221
A computing device may receive a plurality of scanning requests with at least one scanning request in the plurality identifying a target address of a target network. The computing device may for at least a subset of the plurality of scanning requests: generate a scanner instance and a virtual network interface card (VNIC) in response to the scanning request. The scanner instance and the VNIC communicating with a routing namespace that can communicate with two or more scanner instances…
TECHNIQUES FOR TRANSFERRING DATA ACROSS AIR GAPS
Granted: January 30, 2025
Application Number:
20250039157
Techniques for transferring data to a secure computing region that is isolated from any public networks is disclosed. In some embodiments, one or more artifacts for the secure computing region are packaged. As part of the packaging, one or more data packets and metadata for the one or more artifacts can be generated. The metadata indicates corresponding destination components for the one or more artifacts within the secure computing region. The data packet(s) are received and transmitted…
MODEL AUGMENTATION FRAMEWORK FOR DOMAIN ASSISTED CONTINUAL LEARNING IN DEEP LEARNING
Granted: January 30, 2025
Application Number:
20250036962
Techniques are described herein for generating block extender model. An example method includes a system accessing a base model trained for identifying a base class. The system can access an extender comprising block extenders, the extender class distinct from the base class. The system can connect the extender with the base model to generate an augmented model. The system can input training data to the augmented model, the training data is provided to the base model and the extender,…
DISCOVERY OF DISCRETE PARTITIONING INFORMATION
Granted: January 30, 2025
Application Number:
20250036652
Techniques are described herein are directed toward a method for discovery of discrete partitioning information. A system can receive data sets in table format from source system. The data can be stored in the source system to be partitioned and transmitted from the source system to a target system. The system can determine a respective partitioning column for each data set. The system can determine a number of partitions. The system can determine, for each data set, a respective set of…
TECHNIQUES FOR RESOURCE UTILIZATION IN REPLICATION PIPELINE PROCESSING
Granted: January 30, 2025
Application Number:
20250036601
Techniques are described for ensuring end-to-end fair-share resource utilization during cross-region replication. In certain embodiments, a fair-share architecture is used for communication among pipeline stages performing a cross-region replication between different cloud infrastructure regions. Cross-region replication-related jobs are distributed evenly from a pipeline stage into a temporary buffer in the fair-share architecture, and then further distributed evenly form the fair-share…
AUTOMATIC DEFRAGMENTATION SERVICE
Granted: January 30, 2025
Application Number:
20250036447
Techniques are described for reducing capacity fragmentation by using an Automatic Defragmentation Service (ADS). More particularly, hypervisors (HVs) that are candidates to defragment are identified, an HV to defragment is selected, and one or more VM instances are migrated from the selected HV to a different HV. According to certain implementations, instead of migrating a VM to a new HV, the VM is live migrated to an existing HV.
CLUSTER BOOTSTRAPPING FOR DISTRIBUTED COMPUTING SYSTEMS
Granted: January 30, 2025
Application Number:
20250036423
A distributed computing system is described that leverages a nearline storage layer to minimize the downtime required for bootstrapping a new computing cluster in the distributed computing system. The system executes a computing cluster comprising a set of computing nodes and determines a set of one or more data segments to be written to a nearline storage system. The system writes the data segments to the nearline storage system. In certain examples, the system receives a request to…
PROVISIONING CLOUD RESOURCE INSTANCES ASSOCIATED WITH A VIRTUAL CLOUD NETWORK
Granted: January 23, 2025
Application Number:
20250030676
Techniques for provisioning a cloud resource instance associated with a virtual cloud network may include detecting a certificate bundle-retrieval trigger during a provisioning process for the cloud resource instance, and responsive to detecting the certificate bundle-retrieval trigger, sending, to an agent executing on a network interface linked to the cloud resource instance, a request for a certificate bundle for the cloud resource instance. Techniques may further include receiving…
SYSTEMS AND METHODS FOR REAL-TIME REPOSITORY MANAGEMENT FOR UNIVERSAL SERVICE DEPLOYMENT
Granted: January 23, 2025
Application Number:
20250030777
Systems and methods described herein related to real-time management of service deployment systems are disclosed. A management system may monitor an infrastructure environment repository in real-time. Differences in configurations stored within the repository may be identified and used to generate configuration data. The configuration data may be used to update service operating parameters and service deployment configurations. The configuration data may be used to generate deployment…
COMPARTMENT LEVEL BINDING FOR WORKLOAD IDENTITY
Granted: January 23, 2025
Application Number:
20250030680
Techniques are described for mapping a namespace to a compartment. An example method includes receiving, by a manager instance and from a pod, a first request for a token. The manager instance can transmit, to a token issuance service, a second request for the token. The token issuance service can identify a mapping object that maps the namespace to the resource. The token issuance service can transmit, to an identity service, the mapping object and a third request for the token. The…
AUTOMATICALLY INFERRING SOFTWARE-DEFINED NETWORK POLICIES FROM THE OBSERVED WORKLOAD IN A COMPUTING ENVIRONMENT
Granted: January 23, 2025
Application Number:
20250030603
Techniques are disclosed for automatically inferring software-defined network policies from the observed workload in a computing environment. The disclosed techniques include monitoring network traffic flow originating from network interfaces corresponding to containers that execute components of an application, recording details of a new network connection or a change in the existing network connection, obtaining information concerning the components of the application, identifying…
MIGRATING EDGE DEVICE RESOURCES TO A CLOUD COMPUTING ENVIRONMENT
Granted: January 23, 2025
Application Number:
20250030596
Techniques are disclosed for migrating one or more services from an edge device to a cloud computing environment. In one example, a migration service receives a request to migrate a first set of services from the edge device to the cloud computing environment. The migration service identifies a hardware profile of a computing device (or devices) of the cloud computing environment that matches the edge device, and then configures the computing device to execute a second set of services…
CONFIGURING A NETWORK-LINK FOR ESTABLISHING COMMUNICATION BETWEEN DIFFERENT CLOUD ENVIRONMENTS
Granted: January 23, 2025
Application Number:
20250030578
Techniques are described for creating a network-link between a first virtual network in a first cloud environment and a second virtual network in a second cloud environment. The first virtual network in the first cloud environment is created to enable a user associated with a customer tenancy in the second cloud environment to access one or more services provided in the first cloud environment. The network-link is created based on one or more link-enabling virtual networks being deployed…
UPDATING DIGITAL CERTIFICATES ASSOCIATED WITH A VIRTUAL CLOUD NETWORK
Granted: January 23, 2025
Application Number:
20250030561
Techniques for updating certificate bundles may include receiving, at an entity associated with a virtual cloud network, a certificate bundle that includes an updated set of certificate authority (CA) certificates. The techniques may include applying a validation process to an entity certificate based on the certificate bundle, with the entity certificate having been issued to the entity prior to the entity receiving the certificate bundle. The validation process may include validating,…
Workload Identity Resource Principle
Granted: January 23, 2025
Application Number:
20250030549
Techniques are described herein for authenticating a pod. A method can include a manager instance receiving a first request for a first token to access a computing resource. The manager instance can determine an identity of the service account and generate a second request for the first token based at least in part on the authentication. The manager instance can transmit the second request to a token issuance service of the computing system. The token issuance service can generate a…
REPLICATION OF CUSTOMER KEYS STORED IN A VIRTUAL VAULT
Granted: January 23, 2025
Application Number:
20250030542
Techniques are described for replicating encryption keys using a write ahead log (WAL). An example method can include receiving a request from a user device to transmit encryption keys stored in a first virtual vault of a first hardware security module (HSM) of a first data center to a second virtual vault of a second HSM of a second data center, the request comprising an account identifier. The method can further include identifying a first account-specific WAL of a plurality of…
ARTIFICIAL INTELLIGENCE TECHNIQUE FOR SOURCE METRIC BASED ON STRETCHED NORMALIZATION
Granted: January 23, 2025
Application Number:
20250029172
The present disclosure relates to systems and methods for using an artificial intelligence technique for determining a source score based on stretched normalization. A natural language query can be received and mapped. Sources can be identified, and actions can be taken with respect to each source. The actions can include determining an item-source metric, transforming the item-source metric using a stretched-normalization factor, and generating a source score based on the transformed…
Multi-Tenant Transactional Outbox Pattern For Event Publishing
Granted: January 23, 2025
Application Number:
20250028703
Operations include initiating execution of an atomic transaction; receiving confirmation of execution of the atomic transaction; publishing a notification corresponding to the execution of the atomic transaction; receiving the notification corresponding to the execution of the atomic transaction; retrieving the information corresponding to the database transaction; and publishing an event based on the information corresponding to the database transaction. The atomic transaction comprises…
Secure Modular Machine Learning Platform
Granted: January 16, 2025
Application Number:
20250021641
A secure, modular multi-tenant machine learning platform is configured to: receive untrusted code supplied by a first tenant; perform a security scan of the untrusted code to determine whether the untrusted code satisfies a set of one or more security requirements; responsive to determining that the untrusted code satisfies the security requirement(s): deploy the untrusted code to a runtime execution environment; deploy a machine learning model associated with the first tenant to the…
CLIENT COOKIE MANAGEMENT SYSTEM
Granted: January 16, 2025
Application Number:
20250023952
A client cookie management system is disclosed that includes capabilities for securely managing a session between a web-based application and a user interacting with the web-based application using session cookies. The system receives a request from a user to access a resource provided by a web server and forwards the request to the web server. The web server generates a session cookie comprising a session identifier associated with a session created for the user. The system receives the…
